US20030021422A1 - Method for creating a virtual private network through a public network - Google Patents

Method for creating a virtual private network through a public network Download PDF

Info

Publication number
US20030021422A1
US20030021422A1 US10/206,363 US20636302A US2003021422A1 US 20030021422 A1 US20030021422 A1 US 20030021422A1 US 20636302 A US20636302 A US 20636302A US 2003021422 A1 US2003021422 A1 US 2003021422A1
Authority
US
United States
Prior art keywords
unit
key
fact
data
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US10/206,363
Other versions
US7251825B2 (en
Inventor
Daniel Collet
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nagravision SARL
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=4565466&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=US20030021422(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Individual filed Critical Individual
Assigned to NAGRAVISION S.A. reassignment NAGRAVISION S.A. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: COLLET, DANIEL
Publication of US20030021422A1 publication Critical patent/US20030021422A1/en
Application granted granted Critical
Publication of US7251825B2 publication Critical patent/US7251825B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/065Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104Grouping of entities

Definitions

  • the present invention refers to the domain of the telecommunication networks, in particular the creation of a private network inside a public network.
  • VPN Virtual Private Network
  • SSL Secure Sockets Layer
  • VPN virtual private network
  • unit U 2 When unit U 2 wants to communicate with unit U 1 , it carries out the same operation using the right D 1 as an identifier and unit U 1 can receive the data because it contains this right.
  • unit U 1 sends its right D 1 to a third unit U 3 , the same principle applies between unit U 1 and U 3 but also between unit U 2 and unit U 3 . They use the right D 1 initiated by unit U 1 to authorize decryption of the data.
  • unit U 2 wants to communicate with unit U 1 without allowing unit U 3 to decrypt the data, unit U 2 also becomes a generating unit and sends a D 2 right to unit U 1 .
  • a second virtual network has been created between units U 1 and U 2 .
  • microprocessors are supplied in the form of a microchip card with a Plug-in SIM or ISO 7816-2 format.
  • the network card of the units contains the aforementioned microchip card, for example in the same way as a GSM phone.
  • the data are directly processed on the network card and the work is done in a transparent way.
  • unit U 2 The user of unit U 2 , at the moment of data issue, will only have to select the network through which the encryption must be done. In fact, it is possible that unit U 2 is part of several networks (for example U 1 and U 3 ) and so a selection must be made.
  • unit U 1 gains access to the public key of unit U 2 to decrypt the right D 1 and send it to unit U 2 .
  • This right can only be decrypted by U 2 thanks to its private key.
  • the other units, which do not possess the private key of unit U 2 cannot decrypt the right D 1 .
  • the initialisation protocol in the security means requires the introduction of a password.
  • Unit U 1 at the moment of the generation of the right D 1 , asks the user to introduce a password which is associated to the right under an encrypted form.
  • This right D 1 is sent to unit U 2 , and when the user of U 2 wants to load this right in the security means, the latter requests the introduction of the password.
  • the secret key contained in all the security modules the password is controlled with that contained in right D 1 and the right is only loaded if the passwords are identical.
  • the password is transmitted between U 1 and U 2 by other means for example by phone.
  • a variant of this solution consists in sending the right D 1 mixed with a large number of filling data. The password is then used as an addressing key to extract the right D 1 inside these superfluous data.
  • a simple and effective means is to load the right D 1 on a removable base such as a floppy disk and send it to U 2 .
  • the host apparatus of the security means disposes of a second location in which it is possible to place a second security means.
  • the transfer is made from one means to another in a very restricted environment.
  • the security means comprise a secret key which is common to all the security means.
  • This key can be of an asymmetrical (RSA) or symmetrical type (DES, CAST, IDEA).
  • the security means of unit U 1 generate a key of encryption/decryption K 1 , which is encrypted by the service key K 0 and sent with the right D 1 according to the above mentioned modalities. In this way, there will be as many different keys as the virtual network. A unit which participates with three networks is therefore going to store three different encryption keys.
  • unit U 1 wishes to transmit data with U 3 , without U 2 , also part of its network, being able to read this information.
  • This invention also extends to a centralized management system of rights. All the units are linked (or can be at a given moment) to a managing centre. When a unit requires the creation of a network R 1 , it sends this request to the managing centre.
  • the latter verifies if the unit is authorized to do this operation and in an affirmative case, it will send the right D 1 to unit U 1 as well as a key K 1 common to the network R 1 .
  • unit U 1 When unit U 2 wishes to participate in this network, unit U 1 transmits the right D 1 or a part of this right to unit U 2 according to the modalities already mentioned above. With this right, unit U 2 can apply to the managing centre in order to receive the key K 1 and the right D 1 as a whole.
  • the centre verifies the password and if it is correct, the right D 1 is transmitted to unit U 2 .
  • the interest of using a managing centre is the dynamic management of such a network.
  • the problem of radiation of part of a network can occur at any time.
  • a high security level involves the frequent change of the encryption keys.
  • FIG. 1 describes a network without managing centre at a unique level
  • FIG. 2 describes a network without managing centre at several levels
  • FIG. 3 describes a network with managing centre.
  • FIG. 1 illustrates 5 identified units UN 1 to UN 5 .
  • Each unit contains security means in which there is a crypto-processor in charge of generation and management of the rights.
  • unit UN 1 generates the D 1 right that it sends to units UN 2 and UN 4 .
  • unit UN 5 In parallel, unit UN 5 generates a right D 5 that it sends to units UN 2 and UN 3 .
  • This random session key KS is generated by the transmitting unit, and is used to encrypt the data. For operational reasons of quickness, this key is a symmetrical type.
  • the transmitting unit has a control data block that consists of the session key KS and the definition of the right necessary for the decryption of the data. This block is encrypted by a common service key to the units, or by the key generated with the right D.
  • control block is treated by the security means before the treatment of the data. These means will therefore decrypt the control block and verify if the required right is present in this unit. In an affirmative case, the session key KS is applied to the data that allows them to be decrypted.
  • FIG. 2 illustrates a variant in which unit UN 1 has generated two rights to create two networks, D 1 a and D 1 b .
  • a first network is created between the units UN 1 , UN 2 and UN 3 while a second network is created between units UN 1 , UN 4 and UN 5 .
  • This variant permits great flexibility in confidential data diffusion choosing that which can encrypt the data.
  • the transmission network is a public one, it can be considered that the data are accessible to all the units that have the right when the connection is done from one unit to the other.
  • FIG. 3 represents the variant with a managing centre MC.
  • Unit UN 1 requires the right D 1 from the MC centre as well as from the encryption key k 1 .
  • the centre records the creation of the network R 1 in its database.
  • unit UN 2 must also receive this right D 1 .
  • the method used can be the one described above or it can receive support from the managing centre.
  • unit UN 1 can communicate the direction of the units with which it wishes to create the R 1 network.
  • the managing centre MC thanks to the secured telecommunications means that it includes, will transfer the right D 1 to all the concerned units as well as the encryption/decryption key k 1 .
  • unit UN 3 wishes to create a network R 3 , it asks the managing centre to assign it the network R 3 associated to the right D 3 .
  • the centre MC can change the keys in the units at regular intervals (or pseudo-random) to avoid using the same key too long and therefore making it vulnerable.
  • the change of key is also useful to eliminate part of the network participants.
  • the generating unit UN 1 informs the managing centre MC that the unit UNn is no longer part of the network D 1 and the centre stops communicating the new keys. Alternatively or as a complement it can send a deactivation order to this unit.
  • This key K 1 can be a symmetrical or asymmetrical type.
  • each unit has two public and private keys and on being encrypted or decrypted, one key or the other will be used.
  • the units UN are pay television decoders and the security means are made up by smart cards. These decoders are also used to receive and send data for electronic messages for example. It is also possible to connect such a decoder to a computer to take advantage of the interface with a high-speed network on one hand and the security of the transactions on the other hand.
  • the right D includes a validity field. So, each unit which receives this right has a validity period. The present date is added to each data exchange (see control block above). It is reminded that this control block is encrypted.
  • the security means verify the compliance of the validity of the right D with the date contained in the control block. If it is out of date, the decryption of the data is not carried out. According to the method chosen, whether it is with a master unit, or with a managing centre, it is foreseen to renew the validity before its deadline, in case that the administrator of the right is willing to do it for the unit concerned. This renewal is carried out by sending a control message to the units concerned with the description of the right and the new validity. Once the validity is exceeded, the right cannot be extended anymore and a new transmission procedure of the right, as described above, is necessary.

Abstract

The aim of this invention involves exchanging data between several computers or multimedia units through a public network guaranteeing at the same time the confidentiality of these data.
This aim is achieved by a creation and use method of a virtual private network (VPN) which has a plurality of units connected to a public network, each unit having security means which has a unique number UA1, this method is characterized by the following steps:
to generate a right Dn associated to the unique number UAn, by the security means of a unit Un,
to transfer this right Dn to the security means of at least one unit Um,
to encrypt the data sent by unit Un and the description of the Dn right by a encryption data key KS,
to receive the data encrypted by the second unit Um, present these data to the security means of the unit Um, verify if the Dn right is present and if this is the case, decrypt the data by the encryption data key KS.

Description

  • The present invention refers to the domain of the telecommunication networks, in particular the creation of a private network inside a public network. [0001]
  • These networks are known under the name “Virtual Private Network” (VPN). [0002]
  • It is known that security connection will be established between two points across a public network using an exchange protocol of keys for the creation of a security connection. Such a protocol is described as SSL which is based on the data exchange thanks to a pair of keys, the public key and the private key for the definition of a symmetrical session encryption key. The data is codified by this session key, the latter being used only for this transaction. [0003]
  • This function can only be developed between two interlocutors and thus cannot allow the formation of a network for several users. In fact, it is necessary to have the same quantity of unities of dialogue as computers to connect. [0004]
  • The need to create such networks is present when one wishes to link several distant points but connected to a same public network such as Internet. [0005]
  • This need goes together with effective protection of the exchanged data because when one connects on the Internet, confidentiality is not guaranteed. [0006]
  • In this way an unsolved problem remains which consists of linking several computers or multimedia units through a public network at the same time guaranteeing the confidentiality of that data. [0007]
  • This aim is reached by a method for creating and using a virtual private network (VPN) which has a plurality of units connected to a public network, each unit having security means which have a unique number UA, this method is characterized by the following steps: [0008]
  • to generate a right Dn associated to the unique number UAn, by the security means of a unit Un, [0009]
  • to transfer this right Dn to the security means of at least one unit Um, [0010]
  • to encrypt the data sent by unit Un and the description of the Dn right by a encryption data key KS, [0011]
  • to receive the data encrypted by the second unit Um, present these data to the security means of the unit Um, verify if the Dn right is present and if this is the case, decrypt the data by the encryption data key KS. [0012]
  • When unit U[0013] 2 wants to communicate with unit U1, it carries out the same operation using the right D1 as an identifier and unit U1 can receive the data because it contains this right.
  • When unit U[0014] 1 sends its right D1 to a third unit U3, the same principle applies between unit U1 and U3 but also between unit U2 and unit U3. They use the right D1 initiated by unit U1 to authorize decryption of the data.
  • Thus, we can see that a spontaneous network has been created whose administrator is unit U[0015] 1, that which has created the first right.
  • We can divide the units into two categories, either the generating units such as unit U[0016] 1 or the participating units such as U2 and U3.
  • It should be noted that if unit U[0017] 2 wants to communicate with unit U1 without allowing unit U3 to decrypt the data, unit U2 also becomes a generating unit and sends a D2 right to unit U1. A second virtual network has been created between units U1 and U2.
  • Practically, these security means can present themselves in several forms. To assure high security in the mechanism of encryption/decryption, specialized microprocessors which contain encryption engine and data such as the security keys are used. [0018]
  • These microprocessors are supplied in the form of a microchip card with a Plug-in SIM or ISO 7816-2 format. [0019]
  • According to a first embodiment of the invention, the network card of the units contains the aforementioned microchip card, for example in the same way as a GSM phone. The data are directly processed on the network card and the work is done in a transparent way. [0020]
  • The user of unit U[0021] 2, at the moment of data issue, will only have to select the network through which the encryption must be done. In fact, it is possible that unit U2 is part of several networks (for example U1 and U3) and so a selection must be made.
  • The sending of the right D[0022] 1 to another unit is an operation which requires great care. In fact, it is necessary to be sure that this right is only loaded in the units desired by U1. Because of this, there are several solutions:
  • unit U[0023] 1 gains access to the public key of unit U2 to decrypt the right D1 and send it to unit U2. This right can only be decrypted by U2 thanks to its private key. The other units, which do not possess the private key of unit U2, cannot decrypt the right D1.
  • the initialisation protocol in the security means requires the introduction of a password. Unit U[0024] 1, at the moment of the generation of the right D1, asks the user to introduce a password which is associated to the right under an encrypted form. This right D1 is sent to unit U2, and when the user of U2 wants to load this right in the security means, the latter requests the introduction of the password. Thanks to the secret key contained in all the security modules, the password is controlled with that contained in right D1 and the right is only loaded if the passwords are identical. The password is transmitted between U1 and U2 by other means for example by phone. A variant of this solution consists in sending the right D1 mixed with a large number of filling data. The password is then used as an addressing key to extract the right D1 inside these superfluous data.
  • a simple and effective means is to load the right D[0025] 1 on a removable base such as a floppy disk and send it to U2.
  • the host apparatus of the security means disposes of a second location in which it is possible to place a second security means. The transfer is made from one means to another in a very restricted environment. [0026]
  • In order to prevent the right D[0027] 1 from being loaded in other units than U2, it is possible to generate the right D1 and to associate it to the unique number of U2 (that is UA2). The right D1 is therefore associated with the unique number UA2 (for unit U2) and sent to this unit. If other security means (Un) attempt to load this right (with the password for example), a verification is done in order to control if the unique number UAn corresponds to that number associated to the right D1.
  • The keys used during the different transactions play an important role. For key encryption of those data, several variants can be used. According to a first embodiment, the security means comprise a secret key which is common to all the security means. This key can be of an asymmetrical (RSA) or symmetrical type (DES, CAST, IDEA). [0028]
  • According to a second variant, the security means of unit U[0029] 1 generate a key of encryption/decryption K1, which is encrypted by the service key K0 and sent with the right D1 according to the above mentioned modalities. In this way, there will be as many different keys as the virtual network. A unit which participates with three networks is therefore going to store three different encryption keys.
  • In a more elaborated form of the invention, it is possible that unit U[0030] 1 wishes to transmit data with U3, without U2, also part of its network, being able to read this information.
  • This is why, when U[0031] 1 generates the right D1, a network index is added. This index may be kept on some bits if one wishes to limit the number of networks created by U1 to 256 for example. On the side of unit U2, if it participates in several networks initiated by U1, it will not duplicate the right D1 but just the index of the network.
  • After the transmission phase of this right to unit U[0032] 2, the security means proceed to the verification of the right and the index. It is important to remember that those data are stored in a crypto-processor and cannot be modified by the user.
  • In this way it will be much easier for unit U[0033] 1 to manage the different networks created.
  • This invention also extends to a centralized management system of rights. All the units are linked (or can be at a given moment) to a managing centre. When a unit requires the creation of a network R[0034] 1, it sends this request to the managing centre.
  • The latter verifies if the unit is authorized to do this operation and in an affirmative case, it will send the right D[0035] 1 to unit U1 as well as a key K1 common to the network R1.
  • When unit U[0036] 2 wishes to participate in this network, unit U1 transmits the right D1 or a part of this right to unit U2 according to the modalities already mentioned above. With this right, unit U2 can apply to the managing centre in order to receive the key K1 and the right D1 as a whole.
  • If reference is made here to a part of the right D[0037] 1 which is transferred from unit U1 to unit U2, this comes from the fact that the right D1 is transmitted totally to unit U2 by the managing centre. One can imagine that when the network R1 is created, unit U1 attributes a password to it. This password, representative of right D1 is transmitted to unit U2 which presents it to the managing centre itself.
  • The centre verifies the password and if it is correct, the right D[0038] 1 is transmitted to unit U2.
  • The interest of using a managing centre is the dynamic management of such a network. In fact, the problem of radiation of part of a network can occur at any time. Furthermore, a high security level involves the frequent change of the encryption keys. [0039]
  • These functions are available through the managing centre which can coordinate a change of key for a given network. The new key is transmitted to all the units of this network thanks to the protected connection which links all the units to the managing centre. This kind of data is transmitted encrypted with addressee the unique number of each unit. Thus, it is possible to withdraw a part of the group by stopping transmitting the updated keys. The centre can radiate a part by sending a deactivation order of the right.[0040]
  • The invention will be understood better thanks to the following detailed description which refers to annexed drawings which are given as a non limitative example, i.e.: [0041]
  • FIG. 1 describes a network without managing centre at a unique level [0042]
  • FIG. 2 describes a network without managing centre at several levels, [0043]
  • FIG. 3 describes a network with managing centre.[0044]
  • FIG. 1 illustrates 5 identified units UN[0045] 1 to UN5. Each unit contains security means in which there is a crypto-processor in charge of generation and management of the rights.
  • According to our example, unit UN[0046] 1 generates the D1 right that it sends to units UN2 and UN4.
  • In parallel, unit UN[0047] 5 generates a right D5 that it sends to units UN2 and UN3.
  • We have a first network formed by units UN[0048] 1, UN2 and UN4 as well as a second network formed by units UN2, UN3 and UN5. Unit UN2 must select the network it wishes to work on because it disposes of both rights. When data are exchanged between these different units, there are two ways of operating. According to a first embodiment, the secret key contained in the security means (or that generated with the right) is used to encrypt all the transferred contents between the different units. Another way consists of using a session key.
  • This random session key KS is generated by the transmitting unit, and is used to encrypt the data. For operational reasons of quickness, this key is a symmetrical type. The transmitting unit has a control data block that consists of the session key KS and the definition of the right necessary for the decryption of the data. This block is encrypted by a common service key to the units, or by the key generated with the right D. [0049]
  • At the time of reception, the control block is treated by the security means before the treatment of the data. These means will therefore decrypt the control block and verify if the required right is present in this unit. In an affirmative case, the session key KS is applied to the data that allows them to be decrypted. [0050]
  • FIG. 2 illustrates a variant in which unit UN[0051] 1 has generated two rights to create two networks, D1 a and D1 b. A first network is created between the units UN1, UN2 and UN3 while a second network is created between units UN1, UN4 and UN5.
  • This variant permits great flexibility in confidential data diffusion choosing that which can encrypt the data. In fact, as the transmission network is a public one, it can be considered that the data are accessible to all the units that have the right when the connection is done from one unit to the other. [0052]
  • FIG. 3 represents the variant with a managing centre MC. Unit UN[0053] 1 requires the right D1 from the MC centre as well as from the encryption key k1. The centre records the creation of the network R1 in its database. To participate in this network, unit UN2 must also receive this right D1. Because of this, the method used can be the one described above or it can receive support from the managing centre. In fact, according to a particular protocol, unit UN1 can communicate the direction of the units with which it wishes to create the R1 network. The managing centre MC, thanks to the secured telecommunications means that it includes, will transfer the right D1 to all the concerned units as well as the encryption/decryption key k1. In a similar way, if unit UN3 wishes to create a network R3, it asks the managing centre to assign it the network R3 associated to the right D3.
  • Knowledge of all the units participating in a given network is important for the regular change of the encryption keys. The centre MC can change the keys in the units at regular intervals (or pseudo-random) to avoid using the same key too long and therefore making it vulnerable. [0054]
  • The change of key is also useful to eliminate part of the network participants. The generating unit UN[0055] 1 informs the managing centre MC that the unit UNn is no longer part of the network D1 and the centre stops communicating the new keys. Alternatively or as a complement it can send a deactivation order to this unit.
  • This key K[0056] 1 can be a symmetrical or asymmetrical type. In the second case, each unit has two public and private keys and on being encrypted or decrypted, one key or the other will be used.
  • At the time of data transmission, these are generally encrypted by a session key generated randomly. This key is then encrypted by key K[0057] 1 before it is transmitted to other units.
  • According to another embodiment of the invention, the units UN are pay television decoders and the security means are made up by smart cards. These decoders are also used to receive and send data for electronic messages for example. It is also possible to connect such a decoder to a computer to take advantage of the interface with a high-speed network on one hand and the security of the transactions on the other hand. [0058]
  • According to a particular embodiment, the right D includes a validity field. So, each unit which receives this right has a validity period. The present date is added to each data exchange (see control block above). It is reminded that this control block is encrypted. [0059]
  • The security means verify the compliance of the validity of the right D with the date contained in the control block. If it is out of date, the decryption of the data is not carried out. According to the method chosen, whether it is with a master unit, or with a managing centre, it is foreseen to renew the validity before its deadline, in case that the administrator of the right is willing to do it for the unit concerned. This renewal is carried out by sending a control message to the units concerned with the description of the right and the new validity. Once the validity is exceeded, the right cannot be extended anymore and a new transmission procedure of the right, as described above, is necessary. [0060]

Claims (19)

1. Method to create and use a virtual private network (VPN) having a plurality of units connected to a public network, each unit having security means which have at least a unique number UA, this method is characterized by the following steps:
to generate a right Dn associated to the unique number UAn, by the security means of a unit Un,
to transfer this right Dn to the security means of at least one unit Um,
to encrypt the data sent by unit Un and the description of the Dn right by a encryption data key KS,
to receive the data encrypted by the second unit Um, present these data to the security means of the unit Um, verify if the Dn right is present and if this is the case, decrypt the data by the encryption data key KS.
2. Method according to claim 1, characterized by the fact that the right Dn is associated to an identifier of the second unit Um, and that the security means of the second unit verifies if the right Dn is destined for them.
3. Method according to claim 1, characterized by the fact that a network index Ra is associated with the right Dn by the unit Un, and that affiliation of the another unit Um is based on the criteria of the right Dn and the index Ra.
4. Method according to claim 2, characterized by the fact that a network index Ra is associated with the right Dn by the unit Un, and that affiliation of the another unit Um is based on the criteria of the right Dn and the index Ra.
5. Method according to claim 1, characterized by the fact that the encryption data key KS is a session key of symmetrical type and randomly generated, this key being encrypted by a first key Kn, this encryption session key KS being transmitted to the second unit Um.
6. Method according to claim 1, characterized by the fact that the encryption data key KS is a first key Kn common to a set of security means.
7. Method according to claim 5, characterized by the fact that the first key Kn is generated with the right Dn and transmitted to the participating units by means of a secret service key K0 common to the units.
8. Method according to claim 6, characterized by the fact that the first key Kn is generated with the right Dn and transmitted to the participating units by means of a secret service key K0 common to the units.
9. Method according to claim 1, characterized by the fact that the right Dn has a validity field, and includes the following steps:
to add, by the unit Un, an indication of the present date in encrypted form to the description of the right Dn,
to receive this indication by the unit Um and verify by the security means of unit Um if this date is within the validity range of the right Dn.
10. Method according to claim 2, characterized by the fact that the right Dn has a validity field, and includes the following steps:
to add, by the unit Un, an indication of the present date in encrypted form to the description of the right Dn,
to receive this indication by the unit Um and verify by the security means of unit Um if this date is within the validity range of the right Dn.
11. Method according to claim 5, characterized by the fact that the right Dn has a validity field, and includes the following steps:
to add, by the unit Un, an indication of the present date in encrypted form to the description of the right Dn,
to receive this indication by the unit Um and verify by the security means of unit Um if this date is within the validity range of the right Dn.
12. Method of creation and use of a virtual private network (VPN) which comprises a plurality of units connected to a managing centre (MC) through a public network, each unit having security means which has at least a unique number UA, this method is characterized by the following steps:
to request the creation of a network Rn through a unit Un at the managing centre (MC),
to send a right Dn and a key Kn representing an network Rn to unit Un by the managing centre (MC),
to request the registration of unit Um as part of the network Rn, at the managing center (MC),
to transmit the right Dn and the key Kn to unit Um,
to encrypt the data sent by unit Un and the description of the right Dn by a encryption data key KS,
to receive the data encrypted by the second unit Um, to present these data to the security means of unit Um, to verify if the right Dn is present and if this is the case, to decrypt the data with the encryption data key Ks.
13. Method according to claim 12, characterized by the fact that the encryption data key KS is of a symmetrical type and is generated randomly, this key is encrypted by the first Kn key, this encrypted session key being transmitted to the second unit Um.
14. Method according to claim 12, characterized by the fact that the request of the registration of unit Um includes the following steps:
transmission of a part representing the right Dn by unit Un,
presentation of this part of the right Dn at the managing centre by unit Um,
verification of the managing centre (MC) that this part corresponds to the right Dn and transmission of the right Dn and the key Kn to unit Um if this is the case.
15. Method according to claim 13, characterized by the fact that the request of the registration of unit Um includes the following steps:
transmission of a part representing the right Dn by unit Un,
presentation of this part of the right Dn at the managing centre by unit Um,
verification of the managing centre (MC) that this part corresponds to the right Dn and transmission of the right Dn and the key Kn to unit Um if this is the case.
16. Method according to claim 12, characterized by the fact that the request of the inscription of the unit Um includes the following steps:
transmission of the identifier of unit Um to the managing centre (MC) by unit Um,
transmission of the right Dn and the key Kn to unit Um by the managing centre.
17. Method according to one of the claim 12, characterized by the fact that the managing centre (MC) sends a new key Kn′ to members of the same network Rn at a pseudo-random interval.
18. Method according to one of the claim 13, characterized by the fact that the managing centre (MC) sends a new key Kn′ to members of the same network Rn at a pseudo-random interval.
19. Method according to one of the claim 14, characterized by the fact that the managing centre (MC) sends a new key Kn′ to members of the same network Rn at a pseudo-random interval.
US10/206,363 2001-07-30 2002-07-29 Method to use a virtual private network using a public network Active 2025-01-25 US7251825B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CH14242001 2001-07-30
CH1424/01 2001-07-30

Publications (2)

Publication Number Publication Date
US20030021422A1 true US20030021422A1 (en) 2003-01-30
US7251825B2 US7251825B2 (en) 2007-07-31

Family

ID=4565466

Family Applications (1)

Application Number Title Priority Date Filing Date
US10/206,363 Active 2025-01-25 US7251825B2 (en) 2001-07-30 2002-07-29 Method to use a virtual private network using a public network

Country Status (15)

Country Link
US (1) US7251825B2 (en)
EP (1) EP1413088B2 (en)
JP (1) JP4437310B2 (en)
KR (1) KR100875341B1 (en)
CN (1) CN1285195C (en)
AR (1) AR034922A1 (en)
AT (1) ATE497660T1 (en)
BR (1) BRPI0211618B1 (en)
CA (1) CA2455857C (en)
DE (1) DE60239101D1 (en)
ES (1) ES2360197T5 (en)
MX (1) MXPA04000907A (en)
MY (1) MY130422A (en)
TW (1) TW566024B (en)
WO (1) WO2003013063A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2104348A2 (en) 2008-02-25 2009-09-23 Globecomm Systems, Inc. Virtual IPTV-VOD system with remote satellite reception of satellite delivered VOD content and method of providing same
CN110933063A (en) * 2019-11-25 2020-03-27 中国联合网络通信集团有限公司 Data encryption method, data decryption method and equipment

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7177429B2 (en) 2000-12-07 2007-02-13 Blue Spike, Inc. System and methods for permitting open access to data objects and for securing data within the data objects
US7664264B2 (en) 1999-03-24 2010-02-16 Blue Spike, Inc. Utilizing data reduction in steganographic and cryptographic systems
US7475246B1 (en) 1999-08-04 2009-01-06 Blue Spike, Inc. Secure personal content server
US7287275B2 (en) 2002-04-17 2007-10-23 Moskowitz Scott A Methods, systems and devices for packet watermarking and efficient provisioning of bandwidth
US7398550B2 (en) * 2003-06-18 2008-07-08 Microsoft Corporation Enhanced shared secret provisioning protocol
GB0321335D0 (en) * 2003-09-11 2003-10-15 Rogers Paul J Method and apparatus for use in security
JP6265857B2 (en) * 2014-07-25 2018-01-24 日本航空電子工業株式会社 Connector and connector assembly

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5588060A (en) * 1994-06-10 1996-12-24 Sun Microsystems, Inc. Method and apparatus for a key-management scheme for internet protocols
US5764918A (en) * 1995-01-23 1998-06-09 Poulter; Vernon C. Communications node for transmitting data files over telephone networks
US6147995A (en) * 1995-11-15 2000-11-14 Cabletron Systems, Inc. Method for establishing restricted broadcast groups in a switched network
US20020026574A1 (en) * 2000-08-31 2002-02-28 Sony Corporation Person authentication system, person authentication method , information processing apparatus, and program providing medium
US6938155B2 (en) * 2001-05-24 2005-08-30 International Business Machines Corporation System and method for multiple virtual private network authentication schemes
US6940977B1 (en) * 1998-09-30 2005-09-06 Nec Corporation Digital video and audio data encryption, decryption and system authentication
US6978021B1 (en) * 2000-09-18 2005-12-20 Navteq North America, Llc Encryption method for distribution of data
US7036019B1 (en) * 1994-04-01 2006-04-25 Intarsia Software Llc Method for controlling database copyrights

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2448825A1 (en) 1979-02-06 1980-09-05 Telediffusion Fse SYSTEM FOR TRANSMITTING INFORMATION BETWEEN A TRANSMISSION CENTER AND RECEIVING STATIONS, WHICH IS PROVIDED WITH A MEANS OF CONTROLLING ACCESS TO THE INFORMATION TRANSMITTED
US4484027A (en) 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
JPH07271865A (en) * 1994-04-01 1995-10-20 Mitsubishi Corp Method for managing copyright of data base
JP3688830B2 (en) 1995-11-30 2005-08-31 株式会社東芝 Packet transfer method and packet processing apparatus
JPH10178421A (en) 1996-10-18 1998-06-30 Toshiba Corp Packet processor, mobile computer, packet transferring method and packet processing method
US5937067A (en) 1996-11-12 1999-08-10 Scientific-Atlanta, Inc. Apparatus and method for local encryption control of a global transport data stream
US6073125A (en) 1997-06-26 2000-06-06 Pitney Bowes Inc. Token key distribution system controlled acceptance mail payment and evidencing system
EP1048157B1 (en) 1998-01-14 2004-05-06 Irdeto Access B.V. Method for transferring data from a head-end to a number of receivers
US6253326B1 (en) 1998-05-29 2001-06-26 Palm, Inc. Method and system for secure communications
EP1045585A1 (en) 1999-04-13 2000-10-18 CANAL+ Société Anonyme Method of and apparatus for providing secure communication of digital data between devices
GB2352370B (en) 1999-07-21 2003-09-03 Int Computers Ltd Migration from in-clear to encrypted working over a communications link
US6643701B1 (en) 1999-11-17 2003-11-04 Sun Microsystems, Inc. Method and apparatus for providing secure communication with a relay in a network
US7336790B1 (en) 1999-12-10 2008-02-26 Sun Microsystems Inc. Decoupling access control from key management in a network

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7036019B1 (en) * 1994-04-01 2006-04-25 Intarsia Software Llc Method for controlling database copyrights
US5588060A (en) * 1994-06-10 1996-12-24 Sun Microsystems, Inc. Method and apparatus for a key-management scheme for internet protocols
US5764918A (en) * 1995-01-23 1998-06-09 Poulter; Vernon C. Communications node for transmitting data files over telephone networks
US6147995A (en) * 1995-11-15 2000-11-14 Cabletron Systems, Inc. Method for establishing restricted broadcast groups in a switched network
US6940977B1 (en) * 1998-09-30 2005-09-06 Nec Corporation Digital video and audio data encryption, decryption and system authentication
US20020026574A1 (en) * 2000-08-31 2002-02-28 Sony Corporation Person authentication system, person authentication method , information processing apparatus, and program providing medium
US6978021B1 (en) * 2000-09-18 2005-12-20 Navteq North America, Llc Encryption method for distribution of data
US6938155B2 (en) * 2001-05-24 2005-08-30 International Business Machines Corporation System and method for multiple virtual private network authentication schemes

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2104348A2 (en) 2008-02-25 2009-09-23 Globecomm Systems, Inc. Virtual IPTV-VOD system with remote satellite reception of satellite delivered VOD content and method of providing same
EP2104348A3 (en) * 2008-02-25 2013-09-18 Globecomm Systems, Inc. Virtual IPTV-VOD system with remote satellite reception of satellite delivered VOD content and method of providing same
CN110933063A (en) * 2019-11-25 2020-03-27 中国联合网络通信集团有限公司 Data encryption method, data decryption method and equipment

Also Published As

Publication number Publication date
MY130422A (en) 2007-06-29
WO2003013063A1 (en) 2003-02-13
AR034922A1 (en) 2004-03-24
BR0211618A (en) 2004-08-24
EP1413088B2 (en) 2016-03-23
KR20040021674A (en) 2004-03-10
CN1285195C (en) 2006-11-15
CA2455857C (en) 2012-01-10
CN1547826A (en) 2004-11-17
EP1413088A1 (en) 2004-04-28
US7251825B2 (en) 2007-07-31
ES2360197T3 (en) 2011-06-01
JP2004537764A (en) 2004-12-16
BRPI0211618B1 (en) 2016-05-24
ATE497660T1 (en) 2011-02-15
ES2360197T5 (en) 2016-05-19
MXPA04000907A (en) 2004-03-26
JP4437310B2 (en) 2010-03-24
EP1413088B1 (en) 2011-02-02
TW566024B (en) 2003-12-11
CA2455857A1 (en) 2003-02-13
DE60239101D1 (en) 2011-03-17
KR100875341B1 (en) 2008-12-22

Similar Documents

Publication Publication Date Title
US10554393B2 (en) Universal secure messaging for cryptographic modules
US5602918A (en) Application level security system and method
EP0891055B1 (en) Key recovery system
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
Varadharajan et al. An analysis of the proxy problem in distributed systems
US6915434B1 (en) Electronic data storage apparatus with key management function and electronic data storage method
CN102195957B (en) Resource sharing method, device and system
US7334255B2 (en) System and method for controlling access to multiple public networks and for controlling access to multiple private networks
US20050010780A1 (en) Method and apparatus for providing access to personal information
US20080189297A1 (en) Securely Storing and Accessing Data
CN102970135B (en) For finding method and apparatus of the shared secret without leaking non-shared secret
US7251825B2 (en) Method to use a virtual private network using a public network
CN107409043B (en) Distributed processing of products based on centrally encrypted stored data
CN112187826A (en) Data authorization and data access method and system in block chain network
JP2005209118A (en) Information distributed storage system, overall authentication server device used therefor, authentication server device, distributed storage server device, and information distributed storage method
JP2005086428A (en) Method of obtaining authentication and performing crypto communication, authenticating system and authenticating method
JP2021118406A (en) User authentication method and user authentication method
CN114760050B (en) Method and system for realizing multi-party safety summation across data centers
JPS60203036A (en) Privacy communication system
Liu Security Research and Solution of Data Exchange Platform
JP2003263414A (en) Authentication processing method and authentication processor
Jones User functions for the generation and distribution of encipherment keys
CN101729255A (en) Management right allocation method of party self-government management for multi-application environment
KR20080067550A (en) Method and system for three-party authenticated key exchange using smart cards

Legal Events

Date Code Title Description
AS Assignment

Owner name: NAGRAVISION S.A., SWITZERLAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:COLLET, DANIEL;REEL/FRAME:013263/0750

Effective date: 20020730

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12